avcodec/hevc_ps: More complete window reset
authorMichael Niedermayer <michaelni@gmx.at>
Thu, 27 Nov 2014 14:03:35 +0000 (15:03 +0100)
committerMichael Niedermayer <michaelni@gmx.at>
Wed, 22 Apr 2015 10:27:24 +0000 (12:27 +0200)
Fixes out of array read
Fixes: signal_sigsegv_35bcf26_471_cov_2806540268_CAINIT_A_SHARP_4.bit
Found-by: Mateusz "j00ru" Jurczyk and Gynvael Coldwind
Signed-off-by: Michael Niedermayer <michaelni@gmx.at>
(cherry picked from commit 57e5812198aada016e9ba4149123c541f8c8a7ec)

Conflicts:

libavcodec/hevc_ps.c

libavcodec/hevc_ps.c

index f16651a..7d75b05 100644 (file)
@@ -887,10 +887,8 @@ int ff_hevc_decode_nal_sps(HEVCContext *s)
             goto err;
         }
         av_log(s->avctx, AV_LOG_WARNING, "Displaying the whole video surface.\n");
-        sps->pic_conf_win.left_offset   =
-        sps->pic_conf_win.right_offset  =
-        sps->pic_conf_win.top_offset    =
-        sps->pic_conf_win.bottom_offset = 0;
+        memset(&sps->pic_conf_win, 0, sizeof(sps->pic_conf_win));
+        memset(&sps->output_window, 0, sizeof(sps->output_window));
         sps->output_width  = sps->width;
         sps->output_height = sps->height;
     }